In the field of computers, security is a major area of concern in many applications. Horror stories abound of so-called "hackers" gaining unauthorized access to various computer systems. The problem exists for both commercial and military systems. Unauthorized access to a computer system can give the accessing party the ability to mis-transfer funds, modify records, and see materials of a classified nature, just to name a few things.
In the March 1986 issue of Network Security in an article entitled "An Overview of Handheld Password Generators", the statement is made that,
"The most pervasive element of computer security is the password or Personal Identification Number (PIN). It has long been viewed as one of the weakest links in maintaining system integrity. As the best available alternative, thousands of organizations have adopted traditional password schemes knowing full well that the weaknesses represent a major vulnerability to their system security. PA0 In the early 1980s scores of engineers and entrepreneurs focused on techniques to identify people based on physical or behavioral characteristics. In addition, a few companies designed a new class of products called handheld password generators." (Emphasis added)
The article then goes on to describe various forms of these handheld password generators as presently made commercially available by various companies.
One of the big problems with traditional password schemes is that they typically rely on a single password, a sequence of alpha-numeric characters, to gain access to the system, as depicted in FIG. 1. The access-controlling computer 10 contains a pre-defined password 12. When a user at a remote station 14 tries to gain access, the computer 10 has typically sent the message "INPUT PASSWORD:" and is waiting for the user to input the password through the keyboard 16. If the proper password is input (i.e., it matches the stored password 12), access is granted. If not, the computer 10 loops back to the point in its logic where the "INPUT PASSWORD:" message is output. The stored password 12 may be changed periodically, but a given password is typically in place for a substantial period of time. Moreover, the access programming sequence is typically a simple loop that asks for the password and returns to the beginning of the loop if an improper password is entered, repeating the process until the proper password is provided or until the person trying to gain access gives up. Thus, anyone trying to gain unauthorized access has unlimited opportunity to try various passwords. In such an environment, a typical attack is to connect the input sequence to a computer that generates candidate passwords. The attacking computer employs a pseudo-random password generator to feed guesses to the password checking loop until the proper password is stumbled upon. For a human operator, such an approach would be virtually unthinkable; for a computer, it is everyday business. The same approach is used to find the telephone numbers for remote access to computer systems: the hacker simply sets up the computer to dial telephone numbers sequentially and note those for which a computer modem carrier signal is returned. The hacker can then try those numbers at a later time to determine which are of possible interest and attempt unauthorized access to them.
Such clandestine attempts at gaining entry or system information are typically tried at night when there is no one in the area of the computer and hundreds of thousands of combinations can be tried without alerting operating personnel.
Another limiting factor of typical password schemes is the vulnerability of the password to detection. In many cases, an unsophisticated user who has difficulty remembering the password simply writes it down somewhere in the area, often on the bezel of the terminal display or keyboard. Unthinkable as it seems, there are people who write their PIN on their credit cards and ATM bank cards because they cannot remember it. Alternatively, when users have the opportunity to choose the password or PIN themselves, they often choose something they have already memorized or that is already written down: telephone numbers, driver's license numbers, social security numbers, birth dates, and the like are typical candidates. Thieves and unauthorized computer accessors know this and try those alpha-numeric sequences first.
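The two weaknesses just described, the unlimited-retry loop of FIG. 1 and the guessable password choices, combine in the following simulation. It is an added example and not part of the patent text: the stored passwords, the list of "already memorized" guesses and the lockout threshold are all constructed for the illustration. It models the prior-art check loop, a machine attacker that tries likely values first and then enumerates the rest, and a hardened checker that refuses further attempts after a few failures.

```python
"""Added example, not part of the patent text: a simulation of the prior-art
password loop described above (FIG. 1), a machine attacker that exploits its
unlimited retries and tries guessable values first, and a hardened checker
that locks out after a small number of failures.  The stored passwords, the
guess list and the attempt limit are all constructed for this illustration."""
import itertools
import string

# Constructed list of values "already memorized or written down": a birth
# year, a telephone exchange, keypad patterns.  The attacker tries these first.
COMMON_GUESSES = ["1234", "0000", "1111", "2580", "1957", "555-1212"]


def make_unlimited_check(stored_password):
    """Prior-art behaviour: compare the input with the stored password and
    report the result.  Nothing counts or limits how often it is called."""
    def check(attempt):
        return attempt == stored_password
    return check


class LockoutChecker:
    """Hardened form: the same comparison, but after max_failures consecutive
    wrong attempts the account is locked and every further attempt is refused,
    even a correct one, so a machine cannot grind through the key space."""

    def __init__(self, stored_password, max_failures=3):
        self.stored_password = stored_password
        self.max_failures = max_failures
        self.failures = 0
        self.locked = False

    def check(self, attempt):
        if self.locked:
            return False
        if attempt == self.stored_password:
            self.failures = 0
            return True
        self.failures += 1
        if self.failures >= self.max_failures:
            self.locked = True
        return False


def candidate_stream(max_length=4):
    """The attacker's password generator: likely choices first, then every
    digit string up to max_length, in counting order."""
    yield from COMMON_GUESSES
    for length in range(1, max_length + 1):
        for digits in itertools.product(string.digits, repeat=length):
            yield "".join(digits)


def brute_force(check):
    """Feed candidates into a check function until it reports success.
    Returns (password, attempts), or (None, attempts) if the stream runs out."""
    attempts = 0
    for guess in candidate_stream():
        attempts += 1
        if check(guess):
            return guess, attempts
    return None, attempts


if __name__ == "__main__":
    # A birth-year PIN falls to the dictionary on the fifth try.
    print(brute_force(make_unlimited_check("1957")))
    # A random 4-digit PIN still falls to exhaustive search: 8508 tries.
    print(brute_force(make_unlimited_check("7391")))
    # With lockout the same attacker is refused after three failures and
    # exhausts its 11116 candidates without ever succeeding.
    lock = LockoutChecker("1957", max_failures=3)
    print(brute_force(lock.check), lock.locked)
```

Two caveats a practitioner would add. A hard lockout turns the brute-force problem into a denial-of-service problem, since anyone can lock an account by guessing wrong three times, which is why real systems more often use increasing delays or throttling per source. And neither lockout nor throttling helps when the password is simply observed or copied off the line, the problem the next paragraph turns to.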
Passwords can also be obtained in other ways. When users enter their password, they seldom check to see if someone is looking over their shoulder and watching the sequence as it is entered. A high-power telescope can be used to watch through a window from a considerable distance and allow the password to be seen as it is entered. Where the password is entered from a remote terminal over a telephone line or local area network (LAN) by means of a modem, the password can be detected electronically as it passes along the telephone line or LAN. Of course, the more important the access is to the system, the more sophisticated the equipment that can be brought to bear on finding out the password. In cases of espionage and national security, the world of James Bond and "007" is a reality that can be made readily available to operatives. The handheld password generators of the above-described article are intended to help break the pattern of password detection by, for example, inputting the password directly to the computer through an optical interface which generates no detectable radio frequency emissions and whose input sequence cannot easily be seen when the device is used.
While entry to the computer itself is the most obvious area of need, computer-controlled access environments where a computer controls the opening of doors, vaults, etc., have a similar need.
Since the password is still the "best available alternative" as quoted above, what is needed is a system for password verification which is adaptable to user log-on from a distance over telephone lines or a LAN as well as locally, and in which there is a bi-directional interchange between the computer and the user that remains unbreakable even if some or all of the information exchanged during one or more log-ons is obtained by unauthorized parties.